A denial of service vulnerability has been reported for Apache Commons FileUpload 1.3.1 which is used in WebSphere Lombardi Edition and IBM Business Process Manager.
CVE(s): CVE-2016-3092
Affected product(s) and affected version(s):
- WebSphere Lombardi Edition V7.2.0.0 – V7.2.0.5
- IBM Business Process Manager Advanced V7.5.0.0 – V7.5.1.2
- IBM Business Process Manager Advanced V8.0.0.0 – V8.0.1.3
- IBM Business Process Manager Advanced V8.5.0.0 – V8.5.7.0 prior to cumulative fix 2016.09
Refer to the following reference URLs for remediation and additional vulnerability details:
Source Bulletin: http://ift.tt/2dTpFFH
X-Force Database: http://ift.tt/2bozrA8
from IBM Product Security Incident Response Team http://ift.tt/2fn5WTR
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.